Privacy Policy

Effective date: March 2026

Sovereign Industry Report ("S.I.R.", "we", "us", or "our") operates www.thesir.app. This Privacy Policy describes how we collect, use, and protect your information when you use our platform.

1. Information We Collect

We collect the following types of information:

• Account information: Email address, display name, and hashed password (for email registration). For OAuth users (Google or Discord), we receive your OAuth identity and profile name.
• Multi-factor authentication: If you enable MFA, we store TOTP enrollment data for your account security.
• User-generated content: Forum posts, chat messages, poll responses, representative ratings, bug reports, and bill follow/watch selections.
• Technical data: Authentication session cookies, device trust cookies (for MFA), error logs, and localStorage preferences (UI settings, cookie consent choice, feature tour state).

2. How We Use Your Information

• Account management: Creating and maintaining your account, authenticating your identity, and managing your display name.
• Platform features: Enabling forum participation, bill tracking, representative ratings, chat, polls, and personalized feeds.
• Security: Device trust verification for multi-factor authentication, rate limiting, and abuse prevention.
• S.I.R. generated content: We use proprietary technology at build time to generate bill summaries and classification data. No user data is sent to external services for this purpose — only publicly available legislative text is processed.

3. Third-Party Services

We use the following third-party services to operate S.I.R.:

• Supabase: Authentication, database hosting, and row-level security. Your account data and user-generated content are stored in Supabase.
• Google OAuth: Optional sign-in method. We receive your name and email from Google when you choose to sign in with Google.
• Discord OAuth: Optional sign-in method. We receive your username and email from Discord when you choose to sign in with Discord.
• S.I.R. Analysis Engine: Used at build time only to summarize and classify legislative bill text. No user data is processed by this system.
• LegiScan API: Source of legislative bill data. No user data is sent to LegiScan.
• Open States API: Source of state representative data. No user data is sent to Open States.
• DigitalOcean: Application hosting. Your requests are processed on DigitalOcean servers.

4. Cookies and Local Storage

We use the following cookies and local storage items:

• Essential cookies: Supabase authentication session cookie (required for login) and device trust cookie (required for MFA verification). These cannot be disabled.
• Local storage: UI preferences (theme, sidebar state), cookie consent choice, and feature tour completion state. These are stored only in your browser and are not transmitted to our servers.

We do not use third-party tracking cookies or advertising cookies. Non-essential cookies, if introduced in the future, will be gated by a consent banner.

5. Data Retention

• Account data: Retained until you delete your account.
• Activity logs: Retained for 90 days, then automatically purged.
• Error logs: Retained for 30 days.
• User-generated content: Forum posts, chat messages, and ratings persist until you manually delete them or delete your account.

6. Your Rights

You have the right to:

• Access your personal data through your account settings.
• Correct your display name and profile information at any time.
• Delete your account and associated data by contacting us at [email protected].

We will respond to data requests within 30 days.

7. Data We Do NOT Collect

• Payment or billing information (S.I.R. is currently free)
• Precise location or GPS data
• Browsing history outside of S.I.R.
• Third-party advertising or tracking cookies

8. Data Sources and Attribution

Legislative bill data displayed on S.I.R. is aggregated from publicly available sources:

• LegiScan (legiscan.com) — Legislative bill tracking data for all 50 states.
• Open States (openstates.org) — State representative and legislator data.

Individual bill detail pages include source attribution linking to the original data provider. S.I.R. generated bill summaries are produced at build time using publicly available legislative text and may contain inaccuracies. Always verify with official state legislature sources.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be announced via a site notification. The "Effective date" at the top of this page will be updated accordingly. Continued use of S.I.R. after changes constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy or your data, contact us at [email protected].

Disclaimer: S.I.R. provides legislative data for informational purposes only. The bill information, S.I.R. generated summaries, and representative data displayed on this platform do not constitute legal advice. Always consult official state legislature sources and qualified legal counsel for decisions related to legislation.